Alert News 20222026(0)  2025(47)  2024(19)  2023(11)  2022(19)  2021(21)  2020(40)  2019(27)  2018(32)  2017(54)  2016(100)  2015(118)  2014(139)

Published

Public 

Updated 

VU#

Title

2022-11-162022-01-102023-01-03VU#709991Netatalk contains multiple error and memory management vulnerabilities
2022-11-082022-11-082022-11-23VU#434994Multiple race conditions due to TOCTOU flaws in various UEFI Implementations
2022-11-012022-11-012023-01-10VU#794340OpenSSL 3.0.0 to 3.0.6 decodes some punycode email addresses in X.509 certificates improperly
2022-10-072022-10-072022-12-19VU#730793Heimdal Kerberos vulnerable to remotely triggered NULL pointer dereference
2022-10-032022-10-032022-11-10VU#915563Microsoft Exchange vulnerable to server-side request forgery and remote code execution.
2022-09-272022-09-272023-01-03VU#855201L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers
2022-08-112022-08-112022-09-28VU#309662Signed third party UEFI bootloaders are vulnerable to Secure Boot bypass
2022-08-042022-08-042022-08-05VU#495801muhttpd versions 1.1.5 and earlier are vulnerable to path traversal

2022-06-21

2022-06-21

2022-06-21

VU#142546

SMA Technologies OpCon UNIX agent adds the same SSH key to all installations

2022-05-09

2022-05-02

2022-05-09

VU#473698

uClibc, uClibc-ng libraries have monotonically increasing DNS transaction ID

2022-04-28

2022-04-28

2022-04-28

VU#730007

Tychon is vulnerable to privilege escalation due to OPENSSLDIR location

2022-04-28

2010-10-10

2022-04-28

VU#411271

Qt allows for privilege escalation due to hard-coding of qt_prfxpath value

2022-03-31

2022-03-30

2022-04-13

VU#970766

Spring Framework insecurely handles PropertyDescriptor objects with data binding

2022-02-24

2022-02-24

2022-02-24

VU#383864

Visual Voice Mail (VVM) services transmit unencrypted credentials via SMS

2022-02-22

2022-02-22

2022-02-24

VU#229438

Mobile device monitoring services do not authenticate API requests

2022-02-01

2022-02-01

2022-02-25

VU#796611

InsydeH2O UEFI software impacted by multiple vulnerabilities in SMM

2022-01-31

2022-01-31

2022-03-01

VU#119678

Samba vfs_fruit module insecurely handles extended file attributes

2022-01-20

2022-01-20

2022-01-20

VU#287178

McAfee Agent for Windows is vulnerable to privilege escalation due to OPENSSLDIR location

2022-01-07

2022-01-07

2022-01-07

VU#142629

Silicon Labs Z-Wave chipsets contain multiple vulnerabilities